Use AI PII Sanitizer plugin to protect sensitive data in responses
Enable the AI Proxy and then AI PII Sanitizer plugin in OUTPUT mode to automatically redact or replace sensitive data in the responses from your service. Then, use File Log plugin to audit what PII data was sanitized.
Prerequisites
Kong Konnect
This is a Konnect tutorial and requires a Konnect personal access token.
-
Create a new personal access token by opening the Konnect PAT page and selecting Generate Token.
-
Export your token to an environment variable:
export KONNECT_TOKEN='YOUR_KONNECT_PAT'Copied! -
Run the quickstart script to automatically provision a Control Plane and Data Plane, and configure your environment:
curl -Ls https://get.konghq.com/quickstart | bash -s -- -k $KONNECT_TOKEN --deck-outputCopied!This sets up a Konnect Control Plane named
quickstart, provisions a local Data Plane, and prints out the following environment variable exports:export DECK_KONNECT_TOKEN=$KONNECT_TOKEN export DECK_KONNECT_CONTROL_PLANE_NAME=quickstart export KONNECT_CONTROL_PLANE_URL=https://us.api.konghq.com export KONNECT_PROXY_URL='http://localhost:8000'Copied!Copy and paste these into your terminal to configure your session.
Kong Gateway running
This tutorial requires Kong Gateway Enterprise. If you don’t have Kong Gateway set up yet, you can use the quickstart script with an enterprise license to get an instance of Kong Gateway running almost instantly.
-
Export your license to an environment variable:
export KONG_LICENSE_DATA='LICENSE-CONTENTS-GO-HERE'Copied! -
Run the quickstart script:
curl -Ls https://get.konghq.com/quickstart | bash -s -- -e KONG_LICENSE_DATACopied!Once Kong Gateway is ready, you will see the following message:
Kong Gateway Ready
decK v1.43+
decK is a CLI tool for managing Kong Gateway declaratively with state files. To complete this tutorial, install decK version 1.43 or later.
This guide uses deck gateway apply, which directly applies entity configuration to your Gateway instance.
We recommend upgrading your decK installation to take advantage of this tool.
You can check your current decK version with deck version.
Required entities
For this tutorial, you’ll need Kong Gateway entities, like Gateway Services and Routes, pre-configured. These entities are essential for Kong Gateway to function but installing them isn’t the focus of this guide. Follow these steps to pre-configure them:
-
Run the following command:
echo ' _format_version: "3.0" services: - name: example-service url: http://httpbin.konghq.com/anything routes: - name: example-route paths: - "/anything" service: name: example-service ' | deck gateway apply -Copied!
To learn more about entities, you can read our entities documentation.
Mistral
This tutorial uses Mistral:
- Create a Mistral account.
- Get your API key.
- Export a decK environment variable with the Mistral API key:
export DECK_MISTRAL_API_KEY='YOUR MISTRAL API KEY'
AI PII Anonymizer service access
Kong provides AI PII Anonymizer service Docker images in a private repository. These images are distributed via a private Cloudsmith registry. Contact Kong Support to request access.
To pull images, first authenticate with the token provided by Support:
docker login docker.cloudsmith.io/kong/ai-pii
Docker will then prompt you to enter a username and password:
Username: kong/ai-pii
Password: YOUR-TOKEN
To pull an image:
docker pull docker.cloudsmith.io/kong/ai-pii/IMAGE-NAME:TAG
Replace IMAGE-NAME and TAG with the appropriate image and version, such as:
docker pull docker.cloudsmith.io/kong/ai-pii/service:v0.1.2-en
Each image includes a built-in NLP model. Check the AI Sanitizer documentation for more detail.
Start the Kong AI PII Sanitizer service
Make sure you have access to the AI PII service, then run the following command to start it locally with Docker:
docker run --rm -p 8080:8080 docker.cloudsmith.io/kong/ai-pii/service:v0.1.2-en
Enable the AI Proxy plugin
Use the AI Proxy plugin to connect to Mistral:
echo '
_format_version: "3.0"
plugins:
- name: ai-proxy
config:
route_type: llm/v1/chat
auth:
header_name: Authorization
header_value: Bearer ${{ env "DECK_MISTRAL_API_KEY" }}
model:
provider: mistral
name: mistral-tiny
options:
mistral_format: openai
upstream_url: https://api.mistral.ai/v1/chat/completions
' | deck gateway apply -
Enable the AI PII Sanitizer plugin for output
Configure the AI PII Sanitizer plugin to sanitize all sensitive data in responses, using placeholders in the output, pointing to your local Docker host where the PII Sanitizer service container works:
echo '
_format_version: "3.0"
plugins:
- name: ai-sanitizer
config:
anonymize:
- all_and_credentials
sanitization_mode: OUTPUT
host: host.docker.internal
port: 8080
redact_type: placeholder
recover_redacted: false
stop_on_error: true
' | deck gateway apply -
Configure the File Log plugin
To inspect what the AI PII Sanitizer plugin redacts, we can configure the File Log plugin. It records each sanitization event, including the original sensitive items, how they were replaced, and the number of occurrences. This makes it easy to audit what was sanitized and verify the AI PII Sanitizer plugin’s behavior.
echo '
_format_version: "3.0"
plugins:
- name: file-log
config:
path: "/tmp/file.json"
' | deck gateway apply -
Validate
Send a request that would normally include sensitive information in the response:
curl -X POST "$KONNECT_PROXY_URL/anything" \
-H "Accept: application/json"\
-H "Content-Type: application/json" \
--json '{
"messages": [
{
"role": "system",
"content": "You are a helpful assistant. Please repeat the following information back to me."
},
{
"role": "user",
"content": "My name is John Doe, my phone number is 123-456-7890."
}
]
}'
curl -X POST "http://localhost:8000/anything" \
-H "Accept: application/json"\
-H "Content-Type: application/json" \
--json '{
"messages": [
{
"role": "system",
"content": "You are a helpful assistant. Please repeat the following information back to me."
},
{
"role": "user",
"content": "My name is John Doe, my phone number is 123-456-7890."
}
]
}'
If configured correctly, the response should have sensitive output data replaced with placeholders:
Your name is PLACEHOLDER1, and your phone number is PLACEHOLDER2.
We can also check file.json to inspect the collected logs and see what PII data has been sanitized by the plugin. To do this, enter the following command in your terminal to access the log file within your Docker container:
docker exec kong-quickstart-gateway cat /tmp/file.json | jq
This should give you the following output:
"ai": {
"sanitizer": {
"sanitized_items": [
{
"original_text": "John Doe",
"entity_type": "PERSON",
"redact_text": "PLACEHOLDER1",
"count": 1
},
{
"original_text": "123-456-7890",
"entity_type": "PHONE_NUMBER",
"redact_text": "PLACEHOLDER2",
"count": 1
}
],
"sanitized": 2,
"identified": 2,
"duration": 24
}
...
}
Cleanup
Clean up Konnect environment
If you created a new control plane and want to conserve your free trial credits or avoid unnecessary charges, delete the new control plane used in this tutorial.
Destroy the Kong Gateway container
curl -Ls https://get.konghq.com/quickstart | bash -s -- -d